Networking Forums

Simple gateway routing and VPN?

 
 
Enta
Guest
Posts: n/a

 
      11-24-2004, 09:56 AM
Hi all,

I've got a Slackware box with the 2.6.8.1 kernel compiled with IPSec/VPN
support; it's got one NIC and is connected to an Internet router that has
the Slack box in DMZ. I'm trying to establish this machine as the new
gateway in my LAN for various purposes instead of a hardware NAT only
router. I'm using racoon to establish some VPNs (actually quite a lot of
them), it all works well and the VPNs establish and I can communicate
between sites. Machines on my local LAN using the Slack box as their gateway
can also talk to the established VPNs... all is excellent.

My problems started when I put a second NIC into the Slack box with a
dedicated no-NAT bridged external IP. I've brought up the interface, set the
IP/netmask and changed my default route. I can access the Net and so can
clients on my internal LAN, I can establish my VPNs with racoon but I can't
talk over them anymore, not even from the Slack console. Any ideas??

I've changed my ipsec.conf so that the setkey parameters use my NIC's
dedicated external IP and this all seems OK because racoon is able to
establish the SAs. I've dropped my firewall entirely for testing purposes
and all tables are set to accept, still nothing, and ip_forward is
definitely set to 1. My local LAN clients can still all access the Internet
so I *think* that my box is routing between the two NICs correctly but for
some reason I get timeouts connecting to VPN'd addresses. It feels like a
routing problem to me but I just can't seem to spot it so if anyone can shed
any light...

The only thing that makes me think it's routing is that from my Slack box I
did a traceroute to Google and found that the first hop came back as the
Internet gateway on my local LAN rather than the IP of the second NIC which
is what I would have expected it to be, given that the default route from
"ip route" is set to use the external IP on the second NIC.

Any suggestions would be greatly appreciated.


Here's the deal if you need some numbers...

-------------------        ---------------------
| Internet Router |        | Linux VPN Gateway |
| 172.16.100.254  |--------| 172.16.100.5      |
| (def. LAN GW)   |        | & 81.xx.xx.xx     |
-------------------        ---------------------
         |                           |
(will scrap this link)               |
(when Slack GW works )               |
                                     |
-------------------                  |
|       LAN       |                  |
| 172.16.100.0/24 |-------------------
|                 |
-------------------

Regards,
Jon.


 